Privacy and Cookie Policy
PRIVACY POLICY - HOW WE USE YOUR PERSONAL INFORMATION
We are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or which you provide to us, will be processed by us. By visiting our website you are accepting and consenting to the practices described in this policy
1. We may collect and process the following data about you:
(a) You may give us information about you by filling in forms on our website or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use our site, subscribe to our service, search for a product, place an order on our site, participate in discussion boards or other social media functions on our site, enter a competition, promotion or survey, and when you report a problem with our site. The information you give us may include your name, address, email address and phone number, financial and credit card information.
2. We use information held about you in the following ways:
(a) Information you give to us. We will use this information:
(i) to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
(ii) to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
(iii) to provide you with information about goods or services we feel may interest you in pursuant of our legitimate business interests. If you are an existing customer, we will only contact you by electronic means (email or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer we will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, please tick the relevant box situated on checkout.
(iv) to notify you about changes to our service;
(v) to ensure that content from our website is presented in the most effective manner for you and for your computer.
3. Information we collect about you. We will use this information:
(a) to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
(b) to improve our website to ensure that content is presented in the most effective manner for you and for your computer;
(c) to allow you to participate in interactive features of our service, when you choose to do so;
(d) as part of our efforts to keep our site safe and secure;
(e) to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
(f) to make suggestions and recommendations to you and other users of our website about goods or services that may interest you or them.
4. Disclosure of your information:
(a) We may disclose your personal information to our professional advisors or if we are under a duty to do so in order to comply with any legal obligation.
5. Where we store your personal data
(a) the data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"), where your data is being transferred outside of the EEA we will endeavour to protect your data with appropriate safeguards such as the EU-U.S. Privacy Shield, European Commission decision 2002/2/EC, Binding Corporate Rules or other appropriate safeguards. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
(b) Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
(c) Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
6. Your rights
(a) You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting our Customer Services team via email at hello@blossomyogawear.com.
(b) Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
7. Access to information
(a) European Union's General Data Protection Regulation (GDPR) gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request will be free of charge. You also have the right to:
Right of access by the data subject
Rectification and erasure
Right to rectification
Right to erasure (‘right to be forgotten’)
Right to restriction of processing
Notification obligation regarding rectification or erasure of personal data or restriction of processing
Right to data portability
Right to object and automated individual decision-making
Right to object
Automated individual decision-making, including profiling
8. Payment
If you choose a direct payment gateway to complete your purchase, then Shopify (our website host) stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
9. Third Party Services
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
Links
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
10. Security
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
11. Cookies
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
12. Age of Consent
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
13. Changes to our privacy policy
(a) Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.
14. Klarna
In order to be able to offer you Klarna’s payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you.
General information on Klarna you can find here. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarna’s privacy policy.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at hello@blossomyogawear.com or by mail at
Blossom Yoga Wear
[Re: Privacy Compliance Officer]
264 Woodlands Avenue Ruislip GB HA49QZ
----